Incransom Claims Meirc Breach, Threatens to Leak 1TB of Client Data
May 26, 2026
Incransom has claimed a full-network breach of Meirc Training & Consulting on May 25, threatening to publish 1TB of employee
Cybersecurity
Incransom Claims Meirc Breach, Threatens to Leak 1TB of Client Data
Incransom has claimed a full-network breach of Meirc Training & Consulting on May 25, threatening to publish 1TB of employee and client data within one ...
DragonForce Lists Indiana Greenhouse Firm Heartland Growers
DragonForce ransomware listed Indiana wholesale greenhouse firm Heartland Growers on its dark web leak site amid escalating agricultural sector targeting.
Nova Ransomware Hits Brazilian Government Agency and Turkish Tech Firm
Nova ransomware claimed Brazil's SECONT and Turkey's Adensa Teknoloji on May 24, its third posting in three days spanning South America, Europe, and Turkey.
Qilin Ransomware Batch-Lists 7 Victims Across Five Countries
Qilin ransomware disclosed seven victims in a single May 24 batch across five countries, including a Czech financial firm and US accounting services provider.
Nightspire Ransomware Hits US Healthcare in Nine-Victim Batch
Nightspire ransomware posted nine victims on May 24 including US adult day center La Familia, an Egyptian Papa John's franchise, and a consumer lender across ...
Ghost CMS CVE-2026-26980 Exploited in ClickFix Campaign
Attackers exploited CVE-2026-26980 in Ghost CMS to compromise 700+ domains including Harvard and Oxford, turning them into ClickFix malware distribution points.
Laravel Lang Supply Chain Attack Hijacks 700 Package Versions
Attackers rewrote git tags across four Laravel Lang packages to deploy a PHP credential stealer and Windows executable targeting developer machines and servers.
Underminr Flaw Lets Attackers Hide C2 Traffic on 88M Domains
Researcher David Redekop of ADAMnetworks disclosed Underminr, a CDN flaw affecting 88 million domains that routes C2 traffic through trusted hostnames.
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
Anthropic's Project Glasswing AI found 10,000+ high-severity CVEs in 1,000 open-source projects in one month, but only 97 patches were deployed upstream.
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
A CVSS 10.0 flaw in the LiteSpeed cPanel plugin lets any authenticated user execute arbitrary scripts as root, compromising all tenants on a shared host.
DragonForce Lists Indiana Greenhouse Firm Heartland Growers
May 26, 2026
DragonForce ransomware listed Indiana wholesale greenhouse firm Heartland Growers on its dark web leak site amid escalating agricultural sector targeting.
Nova Ransomware Hits Brazilian Government Agency and Turkish Tech Firm
May 26, 2026
Nova ransomware claimed Brazil’s SECONT and Turkey’s Adensa Teknoloji on May 24, its third posting in three days spanning South
Qilin Ransomware Batch-Lists 7 Victims Across Five Countries
May 26, 2026
Qilin ransomware disclosed seven victims in a single May 24 batch across five countries, including a Czech financial firm and
Nightspire Ransomware Hits US Healthcare in Nine-Victim Batch
May 26, 2026
Nightspire ransomware posted nine victims on May 24 including US adult day center La Familia, an Egyptian Papa John’s franchise,
Ghost CMS CVE-2026-26980 Exploited in ClickFix Campaign
May 25, 2026
Attackers exploited CVE-2026-26980 in Ghost CMS to compromise 700+ domains including Harvard and Oxford, turning them into ClickFix malware distribution
Laravel Lang Supply Chain Attack Hijacks 700 Package Versions
May 25, 2026
Attackers rewrote git tags across four Laravel Lang packages to deploy a PHP credential stealer and Windows executable targeting developer
Underminr Flaw Lets Attackers Hide C2 Traffic on 88M Domains
May 25, 2026
Researcher David Redekop of ADAMnetworks disclosed Underminr, a CDN flaw affecting 88 million domains that routes C2 traffic through trusted
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
May 25, 2026
Anthropic’s Project Glasswing AI found 10,000+ high-severity CVEs in 1,000 open-source projects in one month, but only 97 patches were
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
May 25, 2026
A CVSS 10.0 flaw in the LiteSpeed cPanel plugin lets any authenticated user execute arbitrary scripts as root, compromising all
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.